<iframe src="https://www.googletagmanager.com/ns.html?id=GTM-5HLVVHN" height="0" width="0" style="display:none;visibility:hidden">

Release Notes: Imunify360 v.5.1 beta

Aug 13, 2020 7:28:13 PM / by Dmitry Tkachuk



We’re pleased to announce that a new beta version of Imunify360, version 5.1, is now available. The following features are new in the v.5.1 beta release:

    • Malware Database Clean-up
      Malware Database Scanner (MDS) is a new component in the Imunify360 defense system. It finds and cleans up database infections, protecting web site clients against widely exploited XSS, CSRF, redirects, black SEO, and other annoying factors that negatively affect a website's reputation.
    • Port Firewall Enhancement: Block all except specified ports
      New firewall mode blocks all ports unless they are explicitly allowed. It’s another effective solution against zero-day exploitation in-network services. This is considered to be a firewall industry standard, providing better server protection for custom setups.
    • Proactive Defense in “Log only” mode by default
      The new default settings for Imunify360’s Proactive Defense component provide better visibility of malicious activity.
    • Auto-whitelisting of the server IPs behind the NAT

Let’s review the changes.

Malware Database Clean-up

Many times during malware removal we saw issues that were not initially caused by file-based malware. The real issue root cause was caused by database malware. Usually, the symptoms look like the following:

  • Continuous re-infection of cached-files
  • Bad site reputation (revealed via Google Safe Browsing)
  • Redirects or spammy links on a hosted site

Malicious removal for such cases isn’t simple. It requires high-quality staff to clean up the database, keep the site functional, and not lose any piece of valuable data.

We decided to automate the process. Taking all our malware detection and clean-up experience, we developed a new Malware Database Scanner (MDS). It is designed to solve all malware related problems in the database.

Version 5.1 of Imunify360 introduces a CLI tool without the UI. Further versions will be integrated with the Malware Scanner UI.

MDS help and usage examples can be found at the docs.imunify360.com.

At this moment, this feature is experimental and supports only WordPress databases. GUI and support of various web applications are planned for subsequent development.

You now can try it. We would appreciate it if you would share your experience using the MDS.

Port Firewall Enhancement: Block all except specified ports

We’ve received many requests for another firewall operational mode that blocks all ports and leaves only some specific ports open. Originally, Imunify360 allowed blocking specific ports only. Starting from v5.1, Imunify360 allows you to enable the opposite: block everything, but allow listed ports only. 

You can start using it right away since it already supports all typical configurations for cPanel/Plesk/DirectAdmin (system ports are allowed by default, but you can alter). It will look very familiar to you if you used CSF as a port firewall, and it’s a very good moment to switch to the Imunify360 completely.

This feature is “experimental” at the moment, so it is shipped disabled. To enable “Block all except specified ports,” just go to the Firewall and change “Default Blocking Mode.”


Or, just execute these CLI commands:

To block all except specified:

# imunify360-agent config update '{"FIREWALL": {"port_blocking_mode": "DENY"}}'

To allow all except specified:

# imunify360-agent config update '{"FIREWALL": {"port_blocking_mode": "ALLOW"}}'

To set list of allowed ports:

# imunify360-agent config update '{"FIREWALL": {"UDP_IN_IPv4": ["20","21","53","443","1000-1999"]}}'

Exact ports and port-ranges to be allowed can be configured by the following fields in the config file as well:


Changes of config files will be applied automatically. You don’t need to restart the server or Imunify360.

Note: The feature doesn’t support IPv6 addresses at this moment and CSF needs to be disabled due to conflicts.

Proactive Defence in “Log only” mode by default

One of the key components of the Imunify360 - the Proactive Defense - was checked during the last year, so we are finally confident that it is very effective and reliable. Thus, we decided to switch it in the “Log only” mode by default for new installations.


In this mode:

  • All Proactive Defense events will be visible among incidents, but without execution prevention.
  • The server will accumulate all necessary data to make it ready to enable “Kill mode” for Proactive Defense and stay fully protected from the first seconds.

This new default setting is applied to all new installations of Imunify360.

The Proactive Defense mode can be switched using CLI as well:


Command line


# imunify360-agent config update '{"PROACTIVE_DEFENCE": {"mode": "DISABLE"}}'

Log only

# imunify360-agent config update '{"PROACTIVE_DEFENCE": {"mode": "LOG"}}'

Kill Mode

# imunify360-agent config update '{"PROACTIVE_DEFENCE": {"mode": "KILL"}}'

Note: No current Imunify360 installations are affected by these changes. Will be applied to new installations only.

Additional information

Imunify360 v5.1 includes 92 tasks and 11 bug fixes.

Internal records

Important tasks and issues linked to support tickets:



UI enhancements


Updated "Experimental" badges in 5.1


Updated "Dashboard notifications" in 5.1
- new notification: Switch PD to KILL mode
- new notification: Disable ModSecurity rules with high FP rate

- new notification: Enable Trim file instead of remove

- disabled notification: Enable Rapid scan

- removed notification: DoS protection is disabled

- modified notification: Automated malware cleanup
- modified notification: Outdated WAF rules


Improved warning message for servers using CSF integration


Display number of total files processed for currently running scan


Other tasks


integration.conf allows to configure UI owner for stand-alone installations


Improved Proactive Defence logic allows whitelist paths for rules 10001 and 11001 intended to block stand-alone malware execution


Improved Proactive Defence logic allows to track malicious activity and do not depend on relative paths


Enhanced AI-Bolit to support non UTF-8 symbols


ImunifyAV integrated with common exclude list


Proactive defence module (imunify360-php-i360) for ea-php74


Support for multiple SSL virtual hosts in one httpd.conf on DirectAdmin


Whitelist own IP behind the NAT


Flexible logs rotation configuration. Default values:
LOGGER.max_log_file_size = 60MB
LOGGER.backup_count = 5

Coming soon in Imunify360

  • Event and Incident lookup

  • HTTP (D)DOS and enumeration protection

  • An antibot solution

  • Crontab malware removal

  • Malware Database Scanner  UI

Stay in touch

Please give our product team feedback on this version 5.1 release, or share your ideas and feature requests via feedback@imunify360.com.

If you encounter any problems with this beta release, please send a comment or request to our Imunify support team via cloudlinux.zendesk.com.

How to install

To install the new Imunify360 beta v.5.1, please follow the instructions in the documentation.

How to upgrade

To upgrade Imunify360 on CentOS/CloudLinux systems, run the command:

yum update imunify360-firewall --enablerepo=imunify360-testing

To upgrade Imunify360 on Ubuntu 16.04, run the following command:

echo 'deb https://repo.imunify360.cloudlinux.com/imunify360/ubuntu-testing/16.04/ xenial main'  > /etc/apt/sources.list.d/imunify360-testing.list
apt-get update
apt-get install --only-upgrade imunify360-firewall

To upgrade Imunify360 on Ubuntu 18.04, run the following command:

echo 'deb https://repo.imunify360.cloudlinux.com/imunify360/ubuntu-testing/18.04/ bionic main'  > /etc/apt/sources.list.d/imunify360-testing.list
apt-get update
apt-get install --only-upgrade imunify360-firewall

Topics: Imunify360, beta, Release

Dmitry Tkachuk

Written by Dmitry Tkachuk

Imunify Security, Product Manager

    Subscribe to Email Updates

    Ready to try Imunify?

    30-DAY TRIAL

    Recent Posts